Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out.
Weakness
According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Etg150_firmware | Elenos | 3.12 (including) | 3.12 (including) |